[Bug 206467] 520.pfdenied does not reset counters every day

Thu Jan 21 14:35:19 UTC 2016

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=206467

            Bug ID: 206467
           Summary: 520.pfdenied does not reset counters every day
           Product: Base System
           Version: 11.0-CURRENT
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Many People
          Priority: ---
         Component: conf
          Assignee: freebsd-bugs at FreeBSD.org
          Reporter: rick at cello.net

Created attachment 165917
  --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=165917&action=edit
520.pfdenied patch to add -z flag

/etc/periodic/security/520.pfdenied produces reports based on /var/log/pf.today
and /var/log/pf.yesterday

This implies that the counts in the report are for one day only.

The counter is never reset, so the counts are cumulative and therefore not
particularly useful as reported.

Add the "-z" flag to the pfctl command in 520.pf.denied so that the stats are
zeroed daily

-- 
You are receiving this mail because:
You are the assignee for the bug.